code => sub {
my ($param) = @_;
+ my $rpcenv = PVE::RPCEnvironment::get();
+
+ my $authuser = $rpcenv->get_user();
+
my $cts = $param->{content} ? [ $param->{content} ] : [ @ctypes ];
my $storeid = $param->{storage};
my $cfg = cfs_read_file("storage.cfg");
- my $scfg = PVE::Storage::storage_config ($cfg, $storeid);
+ my $scfg = PVE::Storage::storage_config($cfg, $storeid);
my $res = [];
foreach my $ct (@$cts) {
next if !$data || !$data->{$storeid};
foreach my $item (@{$data->{$storeid}}) {
+ eval { $rpcenv->check_volume_access($authuser, $cfg, undef, $item->{volid}); };
+ next if $@;
$item->{content} = $ct;
push @$res, $item;
}
method => 'GET',
description => "Get volume attributes",
permissions => {
- description => "You need 'Datastore.Audit' or 'Datastore.AllocateSpace' privilege on the storage.",
+ description => "You need read access for the volume.",
user => 'all',
},
protected => 1,
my ($volid, $storeid) = &$real_volume_id($param->{storage}, $param->{volume});
- $rpcenv->check_any($authuser, "/storage/$storeid", ['Datastore.Audit', 'Datastore.AllocateSpace']);
-
my $cfg = cfs_read_file('storage.cfg');
+ $rpcenv->check_volume_access($authuser, $cfg, undef, $volid);
+
my $path = PVE::Storage::path($cfg, $volid);
my ($size, $format, $used) = PVE::Storage::file_size_info ($path);
* rbd: rework pool - username - auth_supported options
+ * API: fix access rights: use $rpcenv->check_volume_access()
+
-- Proxmox Support Team <support@proxmox.com> Thu, 28 Feb 2013 06:41:58 +0100
libpve-storage-perl (2.3-3) unstable; urgency=low
projects / pve-storage.git / commitdiff